﻿<?php
// Code mẫu thử nghiệm kết nối thanh toán điện tử với Payoo Payoo
// Code nhận dữ liệu feedback về từ Server Payoo sau khi thanh toán xong
// Doanh nghiệp viết xử lý dựa trên kết quả feedback ghi nhận tiền thanh toán của khách hàng cho 1 hóa đơn
// Hỗ trợ: Phạm Hoàng Hải - Yahoo: phhai@ymail.com

include_once('Lib/PayooNotify.php');
include_once('Lib/PayooSignature.php');

if ( $_SERVER['REQUEST_METHOD'] === 'POST' )
{	
	$NotifyMessage = stripcslashes($_REQUEST["NotifyData"]);
        
        /*
        $NotifyMessage = '<?xml version="1.0"?><PayooConnectionPackage xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><Data>PFBheW1lbnROb3RpZmljYXRpb24+PHNob3BzPgogICAgICAgIDxzaG9wPgogICAgICAgICAgICA8c2Vzc2lvbj4xMzQ5MDgyNDY5PC9zZXNzaW9uPgogICAgICAgICAgICA8dXNlcm5hbWU+cG5obG9uZzwvdXNlcm5hbWU+CiAgICAgICAgICAgIDxzaG9wX2lkPjMwODwvc2hvcF9pZD4KICAgICAgICAgICAgPHNob3BfdGl0bGU+VMO0aSB5w6p1IGPDtG5nIG5naOG7hzwvc2hvcF90aXRsZT4KICAgICAgICAgICAgPHNob3BfZG9tYWluPmh0dHA6Ly90b2l5ZXVjb25nbmdoZS5jb208L3Nob3BfZG9tYWluPgogICAgICAgICAgICA8c2hvcF9iYWNrX3VybD5odHRwOi8vdG9peWV1Y29uZ25naGUuY29tL3BheW9vL3JlY2VpdmUucGhwPC9zaG9wX2JhY2tfdXJsPgogICAgICAgICAgICA8b3JkZXJfbm8+MTM0OTA4MjQ2OTwvb3JkZXJfbm8+CiAgICAgICAgICAgIDxvcmRlcl9jYXNoX2Ftb3VudD4xPC9vcmRlcl9jYXNoX2Ftb3VudD4KICAgICAgICAgICAgPG9yZGVyX3NoaXBfZGF0ZT4wMS8xMC8yMDEyPC9vcmRlcl9zaGlwX2RhdGU+CiAgICAgICAgICAgIDxvcmRlcl9zaGlwX2RheXM+MTwvb3JkZXJfc2hpcF9kYXlzPgogICAgICAgICAgICA8b3JkZXJfZGVzY3JpcHRpb24+TSVDMyVCNCt0JUUxJUJBJUEzK2NoaSt0aSVFMSVCQSVCRnQrdiVFMSVCQiU4MStzJUUxJUJBJUEzbitwaCVFMSVCQSVBOW0lMkMrdGhhbmgrdG8lQzMlQTFuK2NobyttJUMzJUEzKyVDNCU5MSVDNiVBMW4raCVDMyVBMG5nKzEzNDkwODI0Njk8L29yZGVyX2Rlc2NyaXB0aW9uPgoJCQk8bm90aWZ5X3VybD5odHRwOi8vdG9peWV1Y29uZ25naGUuY29tL3BheW9vL05vdGlmeUxpc3RlbmVyLnBocDwvbm90aWZ5X3VybD4KICAgICAgICA8L3Nob3A+CiAgICAgICAgPC9zaG9wcz48U3RhdGU+UEFZTUVOVF9SRUNFSVZFRDwvU3RhdGU+PC9QYXltZW50Tm90aWZpY2F0aW9uPg==</Data><Signature>MIIBbQYJKoZIhvcNAQcCoIIBXjCCAVoCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHATGCATkwggE1AgEBMIGSMIGEMQswCQYDVQQGEwJWVTEMMAoGA1UECBMDSENNMQwwCgYDVQQHEwNIQ00xEjAQBgNVBAoTCVZpZXRVbmlvbjEOMAwGA1UECxMFUGF5b28xDjAMBgNVBAMTBVBheW9vMSUwIwYJKoZIhvcNAQkBFhZwYXlvb0B2aWV0dW5pb24uY29tLnZuAgkA673T+Q8894cwCQYFKw4DAhoFADANBgkqhkiG9w0BAQEFAASBgAHStRpJexioDOWBBTa44OKtxBLqKqypKooPOBlsRS2tjBntTq9eW4Jy7oNMGJo/NmSEyR17zSZlnRrtfWEwHwRjhU5ciSENMw6biYaCd/Dkcu3EIXF76GMVjZqyhl8IIpMpj5FwVzCk1V6YS2cwOg7pN3QZWARtVcDPOQz7gWUn</Signature><PayooSessionID>MxWL2eBTGvNEixazgjGqZSQaOhbVQMC/9e/d5ikxaHKzC5+15a9qavxIHBzcxGusWBQwBWOloJku+OYO6+osng==</PayooSessionID></PayooConnectionPackage>';
        */
        
	print("Post data: ".$NotifyMessage);	
	if($NotifyMessage == null || '' === $NotifyMessage)
		return;

	$listener = new PayooNotify($NotifyMessage);
	$invoice = $listener->GetPaymentNotify();	
	$notifyData = $listener->GetNotifyData();
	$signature = $listener->GetSignature();
	
	//Xác thực chữ ký của payoo trong gói notify
	$a = new PayooSignature();
	$res = $a->Verify($notifyData, $signature);
        
	// Kiểm tra dữ liệu trả ra có phải từ server Payoo không? Nếu dữ liệu lấy từ Server Payoo thì bắt xử lý, ghi nhập vào database
	if($res === true)
	{
		if($invoice->getState() == 'PAYMENT_RECEIVED')
		{
			$invoice = $listener->GetPaymentNotify();	
			
			$out = fopen('invoice.txt', 'a');  
			fwrite($out, "\r\nDate: ".date("Y-m-d H:i:s"));
			fwrite($out, "\r\nREMOTE ADDR (expect 118.69.206.8) : ".$_SERVER['REMOTE_ADDR']);
			fwrite($out, "\r\nOrderNo: ".$invoice->getOrderNo());
			fwrite($out, "\r\nOrderCashAmount: ".$invoice->getOrderCashAmount());
			
			//PAYMENT_RECEIVED là trạng thái khách hàng đã thanh toán bằng payoo
			fwrite($out, "\r\nState: ".$invoice->getState());
			
			fwrite($out, "\r\nNotify Url: ".$invoice->getNotifyUrl());
			fwrite($out, "\r\nShop Domain: ".$invoice->getShopDomain());
			fwrite($out, "\r\nShop back url: ".$invoice->getShopBackUrl());
			fwrite($out, "\r\n");
			//... so on...
			fclose($out);
		}
	}
	else
	{
		$out = fopen('error.txt', 'a');
		fwrite($out, "\r\nDate: ".date("Y-m-d H:i:s"));
		fwrite($out, "\r\nREMOTE ADDR (expect 118.69.206.8) : ".$_SERVER['REMOTE_ADDR']);
		fwrite($out, "\r\n: Không phải tin nhận được từ payoo\r\n");
		//... so on...
		fclose($out);
	}

}
?>